Authors

This article presents the process carried out to evaluate the most suitable intelligence technique for identifying malicious traffic, in order to minimize the risk of a cyberattack. The work was carried out in four phases using an action research methodology combined with a systematic literature review, and through proposed scenarios that allowed this approach to be validated.

Santiago Ordoñez Tumbo, Institución Universitaria Colegio Mayor del Cauca, Faculty of Engineering, Computing Engineering Program, I+D in Computing Group, Popayán-Colombia.

https://orcid.org/0000-0001-7420-5410

Katerine Márceles Villalba, Universidad de Antioquía, Faculty of Engineering, System Engineering Program, In2lab Group, Medellín-Colombia

https://orcid.org/0000-0002-4571-0714

Siler Amador Donado, Universidad del Cauca, Faculty of Electronic Engineering and Telecommunications, System Engineering Program, Information Technology Research and Development Group (GTI), Popayán-Colombia.

https://orcid.org/0000-0002-4571-8273

Ordoñez Tumbo S, Márceles Villalba K, Amador Donado S. Validation of the Intelligence Technique in the detection of cyber attacks. inycomp [Internet]. 2024 Aug. 22 [cited 2024 Nov. 18];26(3):e-20213800. Available from: https://revistaingenieria.univalle.edu.co/index.php/ingenieria_y_competitividad/article/view/13800


Received 2024-04-13
Accepted 2024-08-08
Published 2024-08-22